Our favorite 5 hacking items

1. Book of the week

The folks from Appsecco regularly share great information and tools on recon and particularly subdomain enumeration, including two LevelUptalks and now this free book.
I highly recommend it, but make sure to take notes and integrate the different techniques into your subdomain enumeration methodology to benefit from it.

3. Tool of the week

There are a lot of tools to monitor Certificate Transparency logs nowadays. Although I already use some of them like Censys, Crt.sh & Facebook’s CT monitoring tool, I immediately added this one to my methodology because it presents a stream that is updated with SSL certificates in real time!

You can interact with the CT log stream using libraries provided in Python, Javascript, Go or Java.

4. Video of the week

This is a relatively short talk but the advice given is gold, especially if you are new to bug hunting. Frans talks about ups and downs of bug bounty and some tips to avoid dupes, N/As and boredom.

For example, he recommends hunting on old programs with a large attack surface like Google, Facebook or Yahoo because they put up new code all the time and are less tested since most newbies go for the new programs.

MicroBurst: A collection of scripts for assessing Microsoft Azure security

domain_hunter: A Burp Suite Extender that search sub domain and similar domain from sitemap,get related domains from certification

tcpbin: Very crude and poorly written HTTP(s) and SMTP bin. It sets up TCP sockets on ports 80(http), 443(https), 25(smtp) to listen for incoming data. Then it dumps these to a log folder which can be viewed on port 8000(https).